Vacancy expired!
- Ensure the data, personnel, devices, systems, and facilities that enable the organization to achieve business purposes are identified and managed consistent with their relative importance to organizational objectives and the organization’s risk strategy.
- Ensure the organization understands the cybersecurity risk to organizational operations (including mission, functions, image, or reputation), organizational assets, and individuals.
- Ensure the organization’s mission, objectives, stakeholders, and activities are understood and prioritized; this information is used to inform cybersecurity roles, responsibilities, and risk management decisions.
- 8+ years of cybersecurity experience.
- 4+ years’ experience working in a cyber GRC capacity required.
- Expert knowledge in the following areas: NIST CSF, NIST SP 800-53 Rev 5, NIST SP 800-37 (RMF), MITRE CVE & CVSS (vulnerability management), user training & awareness programs.
- Strong foundational knowledge in the following areas: supply chain risk management, third party risk management, IT audit procedures.
- Fundamental knowledge of MITRE ATT&CK, OWASP, CIS Benchmarks, cloud security
- Ability to construct policies, standards, guidelines, and procedures in a manner easily ingestible and digestible by technical and non-technical audiences.
- Ability to extract, transform, and load large data sets into easily actionable intelligence for both technical and non-technical audiences.
- Ability to communicate complex cybersecurity concepts in a clear and concise manner for laypersons unfamiliar with cybersecurity and/or IT concepts.
- ID: #44639379
- State: Virginia Alexandria 22301 Alexandria USA
- City: Alexandria
- Salary: $140,000 - $150,000
- Job type: Permanent
- Showed: 2022-08-06
- Deadline: 2022-10-04
- Category: Et cetera